Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE4E4A0C842311F0B17163C9DAE4EC9C.roa
File: EE4E4A0C842311F0B17163C9DAE4EC9C.roa (raw, json)
Hash identifier: YqWwLsTswHGlxi9kI8zbfomj4oi9El/9371WEJl1NlE=
Subject key identifier: 3C:40:56:0A:B2:BC:87:DA:81:8A:9B:02:06:45:7C:A3:BC:27:CE:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0199F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE4E4A0C842311F0B17163C9DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 15:30:31 +0000
ROA not before: Thu 28 Aug 2025 15:30:25 +0000
ROA not after: Mon 06 Oct 2025 15:30:25 +0000
asID: 49505
IP address blocks: 154.205.244.0/24 maxlen: 24
154.205.245.0/24 maxlen: 24
154.205.246.0/24 maxlen: 24
154.205.247.0/24 maxlen: 24
154.209.208.0/24 maxlen: 24
154.209.209.0/24 maxlen: 24
154.209.210.0/24 maxlen: 24
154.209.211.0/24 maxlen: 24
154.209.212.0/24 maxlen: 24
154.209.213.0/24 maxlen: 24
154.223.198.0/24 maxlen: 24
154.223.199.0/24 maxlen: 24
154.223.200.0/24 maxlen: 24
154.223.201.0/24 maxlen: 24
154.223.202.0/24 maxlen: 24
154.223.203.0/24 maxlen: 24
154.223.204.0/24 maxlen: 24
154.223.205.0/24 maxlen: 24
154.223.206.0/24 maxlen: 24
154.223.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104946 (0x199f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 15:30:25 2025 GMT
Not After : Oct 6 15:30:25 2025 GMT
Subject: CN=68b07617-3d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cb:28:1f:78:be:e9:9e:f0:b6:33:3d:44:f0:
7d:54:10:a1:72:e6:ee:a6:17:3c:08:5d:77:d4:b0:
ab:c2:f7:7c:29:7d:1a:a1:db:2e:a5:51:75:fc:1a:
b8:4d:84:9f:80:5a:d5:bf:92:3e:52:66:66:82:0e:
63:7a:cd:d5:5d:b0:63:8e:56:8c:39:3a:c9:8a:77:
f0:40:7d:4f:6c:8f:91:b8:ef:98:b3:48:42:ac:db:
40:34:0d:05:02:8f:77:da:c0:a3:96:c1:60:eb:3a:
d5:a2:36:df:af:21:39:f4:99:f9:72:2f:10:fc:88:
94:92:3b:bb:d9:d0:81:f2:df:eb:63:59:e5:65:87:
e3:22:05:29:cd:5b:7b:f7:ef:56:b8:0c:24:19:73:
95:e9:27:b1:9e:7f:ef:2c:7d:5f:6d:4f:af:8a:ef:
ab:ba:b4:12:ed:f0:0c:69:e4:c8:c7:da:71:22:81:
02:e7:fd:95:7c:28:c3:ad:2f:6a:7b:36:36:37:4e:
db:df:02:95:45:6b:25:75:8b:e5:4b:34:13:a0:d6:
27:bd:06:45:ff:eb:11:34:3c:aa:b1:2b:2c:df:ec:
90:fd:6b:37:0c:8f:ea:61:9b:84:06:29:48:ec:85:
21:1c:97:da:c6:b7:05:96:57:9a:48:58:d9:9c:82:
9d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:40:56:0A:B2:BC:87:DA:81:8A:9B:02:06:45:7C:A3:BC:27:CE:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE4E4A0C842311F0B17163C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.244.0/22
154.209.208.0-154.209.213.255
154.223.198.0-154.223.207.255
Signature Algorithm: sha256WithRSAEncryption
b0:a3:66:68:73:1f:ad:b5:85:b5:ad:ec:31:a4:78:01:1f:bb:
4b:bc:fc:d7:98:b4:5a:a9:9b:1d:50:aa:af:d8:55:2f:62:50:
6a:c4:57:44:a6:1a:1c:a7:00:ba:b1:61:90:f5:d1:8c:f1:65:
e8:cf:b4:9f:1d:5d:52:f5:03:7c:1f:ec:59:21:af:19:aa:0c:
64:6a:9b:1e:05:d3:88:6c:3d:2b:75:4f:bd:79:2e:b7:bd:5f:
f0:8f:52:ce:fb:13:30:23:c5:dd:ed:3e:d9:10:e7:2d:af:16:
57:e2:31:37:cf:04:ca:8e:24:b1:9c:e7:79:e6:c1:a7:db:d0:
3d:10:f6:c7:d3:08:a7:be:65:e2:c0:cf:d6:09:a6:3e:8c:08:
5d:95:e0:46:47:5b:38:f4:54:f5:61:35:ae:7e:1d:40:d5:0b:
e6:32:00:8c:f7:bd:64:c6:9d:d3:47:f2:5e:09:ad:84:65:e9:
b1:cb:b9:2a:82:95:b3:2f:2d:a1:f2:d5:34:fa:25:4c:da:9f:
9b:1a:fb:d9:30:f7:90:3a:b8:9e:37:50:81:d2:b3:f7:88:95:
9e:e0:5f:4d:9d:a9:7b:3f:fe:06:a0:44:95:e8:50:eb:1e:89:
30:1f:b2:76:fb:ce:ee:3d:ff:64:82:46:40:12:03:02:ae:5c:
52:c5:a2:a7
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAZnyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTUzMDI1WhcNMjUxMDA2MTUzMDI1WjAYMRYw
FAYDVQQDEw02OGIwNzYxNy0zZDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2csoH3i+6Z7wtjM9RPB9VBChcubuphc8CF131LCrwvd8KX0aodsupVF1
/Bq4TYSfgFrVv5I+UmZmgg5jes3VXbBjjlaMOTrJinfwQH1PbI+RuO+Ys0hCrNtA
NA0FAo932sCjlsFg6zrVojbfryE59Jn5ci8Q/IiUkju72dCB8t/rY1nlZYfjIgUp
zVt79+9WuAwkGXOV6Sexnn/vLH1fbU+viu+rurQS7fAMaeTIx9pxIoEC5/2VfCjD
rS9qezY2N07b3wKVRWsldYvlSzQToNYnvQZF/+sRNDyqsSss3+yQ/Ws3DI/qYZuE
BilI7IUhHJfaxrcFlleaSFjZnIKdKQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFDxA
VgqyvIfagYqbAgZFfKO8J87aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTRFNEEwQzg0MjMxMUYwQjE3MTYzQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCms30MAwDBASa0dADBAGa
0dQwDAMEAZrfxgMEBJrfwDANBgkqhkiG9w0BAQsFAAOCAQEAsKNmaHMfrbWFta3s
MaR4AR+7S7z815i0WqmbHVCqr9hVL2JQasRXRKYaHKcAurFhkPXRjPFl6M+0nx1d
UvUDfB/sWSGvGaoMZGqbHgXTiGw9K3VPvXkut71f8I9SzvsTMCPF3e0+2RDnLa8W
V+IxN88Eyo4ksZzneebBp9vQPRD2x9MIp75l4sDP1gmmPowIXZXgRkdbOPRU9WE1
rn4dQNUL5jIAjPe9ZMad00fyXgmthGXpscu5KoKVsy8tofLVNPolTNqfmxr72TD3
kDq4njdQgdKz94iVnuBfTZ2pez/+BqBElehQ6x6JMB+ydvvO7j3/ZIJGQBIDAq5c
UsWipw==
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:41:47 2025 by rpki-client